RE:[cas-user] problem with POST requests

Fri, 21 Aug 2015 15:03:34 -0700 

Have a look at this email thread:

  https://groups.google.com/forum/#!topic/jasig-cas-user/if0SQ0gUbp8

It's an old problem.
I'm not sure how CAS JASPIC works, but I've seen the Java cas client in action. It seems to consume the ST, validate the ST, then redirect the client to the original resource. Like this: 

GET /foo?ST=12345
(processing happens to validate the ST)
RESPONSE: 302 REDIRECT /foo
GET /foo


When the redirect happens, the POST data is lost.

It might work if you switched from POST to GET.
You can read about some options and recommendations in the email thread above. 

        Andy

On Fri, 21 Aug 2015, Mahantesh Prasad Katti wrote:



Has anybody run into this problem? Do you think i need to explain this problem 
better or provide additional info?

Regards
Prasad

From: Mahantesh Prasad Katti
Sent: Friday, August 21, 2015 2:39 PM
To: cas-user@lists.jasig.org
Subject: [cas-user] problem with POST requests

Hi ,

We have a casified java application. This application exposes a bunch of REST 
apis. When accessing POST APIs from another application by explicitly obtaining 
the service ticket and appending it to the target URL, the calls are failing. 
Apparently, the after the ticket validation happens successfully, the POST body 
data gets lost and the service call fails because of that. Do we need to modify 
the server auth module to handle this scenario? Note that this happens for POST 
calls only. The get calls work just fine.

We are using the CAS JASPIC jar available from google groups. Any help is 
appreciated.

Regards
Prasad





--

You are currently subscribed to cas-user@lists.jasig.org as: 
mahantesh.ka...@indecomm.net

To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to cas-user@lists.jasig.org as: mor...@orst.edu
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user



--
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to